package org.csl.study.spring.springsecurity;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.inMemoryAuthentication()
	        .withUser("admin").password("123").roles("USER")
	        .and()
	        .withUser("tom").password("123").roles("USER");
	}

	@Override
	public void configure(WebSecurity web) throws Exception {
		web.ignoring().antMatchers("/index.html")
		.and()
		.ignoring().antMatchers("/resources/static/**");
		
	}
	@Override
	protected void configure(HttpSecurity http) throws Exception {
	        http
	            .authorizeRequests()
	                .antMatchers("/", "/login").permitAll()//根路径和/login路径不拦截
	                .anyRequest().authenticated()
	                .and()
	            .formLogin()
	                .loginPage("/login")//2登陆页面路径为/login
	                .defaultSuccessUrl("/chat") //3登陆成功转向chat页面
	                .permitAll()
	                .and()
	            .logout()
	                .permitAll();
	  
    }



}
